Re: SSHD: Limit login attempt rate

---

• From: Guenther Schwarz <strap@xxxxxx>
• Date: Fri, 25 Jul 2008 14:57:34 +0200

---

bmearns wrote:

Thanks for all the great recommendations. I'm especially interested in
iptable rate-limiting and port-knocking, which I will be looking more
into.

With SuSE Linux iptables. Change the line numbers (21 and 22) to your needs:

# iptables --insert input_ext 21 -p tcp -m state --syn --state NEW --dport 22 -m limit --limit 1/minute --limit-burst 2 -j ACCEPT
# iptables --insert input_ext 22 -p tcp -m state --syn --state NEW --dport 22 -j DROP

Works here.

Günther
.

---

• References:
  • SSHD: Limit login attempt rate
    • From: bmearns
  • Re: SSHD: Limit login attempt rate
    • From: Alo
  • Re: SSHD: Limit login attempt rate
    • From: bmearns

• Prev by Date: Re: SSHD: Limit login attempt rate
• Next by Date: 192.168 - why?
• Previous by thread: Re: SSHD: Limit login attempt rate
• Next by thread: Re: SSHD: Limit login attempt rate
• Index(es):
  • Date
  • Thread

• Security
• UNIX
• Linux
• Coding
• Usenet

• Mailing-Lists
• Newsgroups
• About
• Privacy
• Search
• Imprint

linux.derkeiler.com  > Newsgroups  > comp.os.linux.networking  > 2008-07